[Mimedefang] Running A/V & A/Spam for Local-host-names only
Kevin A. McGrail
kmcgrail at pccc.com
Fri Oct 10 15:34:00 EDT 2003
> > However, we have a slightly different problem where the machine is a
> > legit relay for hundreds of dynamic IPs.
>
> I assume these aren't in a nice contiguous IP-space. How are you
> authenticating relay clients? Could you perhaps leverage your
> authentication mechanism in MIMEDefang and avoid dealing with the IP
> addresses altogether? If you're using SMTP AUTH, for example, it's
> trivial to check the ${auth_authen} Sendmail macro in the event of a
> successful authentication.
Nels,
Definitely not nice and contiguous IPs. We are using POP before Auth
authentication. However, leveraging the authentication doesn't help because
they could be legitimately relaying off us to another destination and we
don't want to do outbound scanning. ONLY scanning inbound for mail destined
for this box, i.e. local-host-names scanning.
We simply don't have the resources to test the hundreds of thousands of
legit emails that go through our servers.
Regards,
KAM
More information about the MIMEDefang
mailing list